And I can tell you for SURE, most of the sites that /. links to would appreciate having their Star Trek parodies, ISOs, and stop-motion LEGO animations mirrored
Most of them, sure. But it just takes one litigious dork who doesn't want his stuff mirrored to ruin it for the rest of us. I agree in general that slashdot should do this, but the details of getting the permission to do so could badly slow the story submission process. At present, I don't think they know how to get out of this predicament, hence, no mirrors.
Re:not clear on the concept (on IT at the CIA) · Score: 2, Insightful
I disagree. Look at one of his recommendations:
The most critical upgrade for the DI is deploying a fully integrated workstation that allows DI analysts to move easily among programs, databases, and security levels. In addition, the DI should put a high priority on introducing SIPRNET-- DoD's SECRET-level network--into each workstation. SIPRNET may become the nucleus of a secure communications system for homeland security (that will include law enforcement and emergency response personnel, in addition to a broad set of military users). Use of SIPRNET would also give DI analysts an IT platform that is less restricted than their current, highly classified network. This would allow them to communicate and publish products in a large, but reasonably secure environment.
There's a good idea buried in there: get SIPRNET onto analysts' desktops. Unfortunately, it's buried in bad ideas....and don't even start me on the phrase "reasonably secure environment."
not clear on the concept (on IT at the CIA) · Score: 4, Insightful
The first part of his analysis reads very clearly like someone who didn't bother to understand the business he was advising before spouting off. (This is a common problem with consultants.)
He dismisses the security concerns that prevent a lot of technology deployment as risk elimination rather than risk management, and says that this attitude hurts IT deployment within the CIA. The thing is, he says this without understanding that the CIA's risk profile is *totally* different from a business risk profile. The CIA can not take risks that a business can, as lives, not dollars, are at stake in the work they do. Any actual security consultant who made that mistake would (should) be fired on the spot.
Granted, it sounds like his other recommendations (streamlining procurement, merging different IT groups within the CIA) are reasonable, but as a security person, that first paragraph just set me off.
I could see some argument made for storing resumes of all candidates for one year. "Candidates" might be classified as all people who receive a phone screen or an actual face-to-face interview. This could be useful data in discrimination lawsuits, both for the plaintiff and the defending company.
So, if you never make it to "candidate" status, you have less of a leg to stand on legally. To me, that will lead to some dork intentionally avoiding giving "candidate" status to some minorities. Since they don't have to save the resumes for non-candidates, they don't have to face the evidence in a discrimination lawsuit. That can't be the result you were looking for.
Yeah, the law makes things messy. But, suck as it may, the best way to prove that you weren't being racist in your hiring *is* to save all your applications, even Johnny Dropout's.
Well, it's not that easy to say he won't ever see another RIAA case..."Judge Shopping" is something the courts frown upon. In fact, pulling a case when a judge is appointed, only to re-file it & get another judge is a quick way to get your entire case thrown out.
If they want to file in another district, that's still okay...but in his district, they're stuck w/him.
2 thoughts:
1) if there's a public list of direct-email sites somewhere, great...instant blacklist. Let them make a list. I'm all for it.
2) The only *real* way to fix the unscrupulous spam problem is to make it no longer pay. To that end, I'm seriously considering writing a script that will fill spammers' order databases with bogus orders (and will do so through anonymous proxies like Peekabooty). My only concern right now is that it's probably fraud, so I'm hesitating.
Actually, I've been thinking about doing this via anonymous proxies, or better yet, anonymous proxy networks like Peekabooty, for a while. If you use a proxy network, it'll be almost impossible to trace & stop.
Of course, there are some potential legal issues (is it fraud to lie to a spammer's billing database?), so I'm hesitant to actually set it up, but it's been fun to think through.
ARIN did notify the public. ARIN, RIPE, APNIC, etc are often announcing allocations to groups like NANOG. I don't see how much louder they could be. If you're filtering based on their reserved lists, it's your responsibility to keep up with their allocation updates.
The problem is not the allocator's fault...at least, not directly. The problem is that lots of folks put in filters based on the bogon list at the time of their firewall/soho router install, and promptly forget about the fact that those filters should change (or, more likely, the consultant left).
There's nothing that ARIN, IANA or anyone else can do to enforce clue at the edge of a network. Hence the problem. If you're not prepared to keep up with groups like NANOG, don't filter unallocated space.
Why should "geeks around the world" take the lead on this? Why shouldn't we let the Iraqis do this? Granted, the present owner is having issues...one of the technical contacts for .iq is presently being held by the feds for contact with Hamas, but I really think that this would be better handled by the Iraqis themselves.
If they want help, we should absolutely offer it, but I don't like the implied statement of "Let's take this thing of the Iraqis, make something that we think is cool out of it, and then claim we're helping them with it."
You know, I have to wonder about this. I read that bug report, and it lists lots of people noting the problem, and some of them seeing it fixed with new drivers, others not.
The reason I don't feel like blaming ATI is an adequate explanation is this: Why is it only Mozilla that has this problem? OpenOffice runs fine. NMapWin, NessusWX, Cygwin, Eudora, Quicktime....none of these programs have problems with this card...only Mozilla does. Some of these programs are doing much more graphic-intensive things than Moz, so it's not that they're not pushing as hard as Moz.
Blaming ATI seems weird, since Moz is the only one having this problem...if ATI sucks so much, why doesn't any other program have problems with it?
What's with the long-term bug with ATI cards (random crashes on some sites, according to the Known Problems)? Almost every Gateway PC I've worked with (and some Dells as well) have ATI's in them, which means I can never use Moz at work (and can't realistically recommend it to less-technical friends, since they have those machines as well). This bug has been there since at least 1.0, if not earlier (haven't checked earlier).
Perhaps I don't understand the history, but it looks really bad for Moz to simply randomly crash on two of the biggest name-brand computers out there. What gives?
Much of the problem with the laws such as the recent state anti-NAT laws and the DMCA revolves around judicial interpretation. (Eg, whether NAT or freenet is illegal strongly depends on how the courts read the definitions of a communications device in the various laws.) My question to you is: is there anything we can do to influence this interpretation? From my understanding, once there is a ruling on a subject, that becomes precedent, so if we can get a ruling stating that these laws do not cover things like freenet, life gets better. Getting that ruling, however, is hard. Is there a "good" way to do that (besides bankrupting myself by getting prosecuted for violating it)?
I'm still amazed that they spelled "legitimize" right, but got "Insight" wrong. I think it's a secret test....get the grammar nazis so worked up over a really simple word, so they don't actually read the story.
oh, wait, no one's going to read it anyway. Never mind.
I read this a few years ago, and would absolutely recommend it to anyone interested in the history of the bomb.
There are a lot of good things about it, but one of my favorites is the fact that the book is filled with direct quotes from letters, diaries, memos, etc from the people involved. You really get a good idea of what the people were actually thinking in their own words, not just the historical summary.
One thing that surprises me about his review is that he mentioned the cheapness of life early on in the century, but doesn't mention the chapter on the effects of the bomb. One of the most powerful chapters in the book is almost nothing but direct quotes from interviews and diaries of folks who were in Hiroshima and Nagasaki when they were bombed. It's very powerful, and a good reminder of just what a nuke actually does to people.
Re:Why not try for the ISS (on Columbia Coverage) · Score: 2, Insightful
The ISS and Columbia were in *very* different orbits. Realize, the orbits we're talking about are not just circles over a fixed latitude. The orbits are at an angle to the equator (called the inclination). That's why you see the orbit path move across the earth in a sinusoidal path....it's not orbiting at the same angle as the rotation of the earth.
ISS' inclination is about 51 degrees, which is pretty big (ie, it's over 45 degrees off of the equatorial line). I don't remember what Columbia was at, but that wasn't it. To get the Shuttle up to that declination from their orbit would have taken a buttload of fuel, or a lot of time, neither of which were available.
Sorry, nice thought, but not possible in this case.
If you're just going to college to help you get work, why not go to a vocational college? Why waste time with the Ivys? (answering my own question) because there's more to life than just work. Live and look around for a change.
Actually, they may have already lost that right. According to his page, he contacted them about this page several *years* ago. As you said, they have to act once they know of someone using their mark or they lose it. Since they've clearly known about his site for several years, they've failed this test, and have probably legally lost the trademark on PCI.
Now, making this into reality would mean going after the PCI folks head-on, which might not be what this guy wants to do. But, if you were feeling destructive, I bet you could cost the PCI folks their trademark with the evidence he has.
I'm assuming that the packets will traverse Ethernet at some point in their trip. For most networks, this is a fairly safe assumption. At the point where it moves onto the Ethernet segment the packet will be padded to the minimum size, and that will happen before it hits any server at the other end.
Not true. RFC 894 defines the minimum frame size for IP over Ethernet. It states:
The minimum length of the data field of a packet sent over an Ethernet is 46 octets. If necessary, the data field should be padded (with octets of zero) to meet the Ethernet minimum frame size.
Any device that's building Ethernet frames should follow the spec, and pad out packets to their proper size. So, if you send out an under-size packet that has to be routed, you'll get unpredictable results...1) your router may properly pad it with zeros, which destroys your attack...or 2) the router may give you bits of its memory, which isn't what the advisory was about, but could be interesting on its own.
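Added example, not part of the thread above: a small Python check of the RFC 894 rule quoted in the post. The sender side pads an IPv4 datagram with zero octets up to the 46-octet minimum; the receiver side reads the IPv4 Total Length field, treats everything after it as Ethernet padding, and flags padding that is not all zeros. Non-zero padding is what a defender would look for when checking whether a stack fills the pad from uninitialized memory instead of zeros. The datagram (a 28-byte ICMP echo) and the addresses are constructed sample data.

```python
import struct

# RFC 894: minimum length of the data field of an Ethernet frame.
ETH_MIN_PAYLOAD = 46


def build_sample_datagram() -> bytes:
    """Constructed sample: a 20-byte IPv4 header plus an 8-byte ICMP echo request.

    Checksums are left at zero; this is test data, not a packet to send.
    """
    src = bytes([192, 0, 2, 1])     # TEST-NET-1 addresses, sample values only
    dst = bytes([192, 0, 2, 2])
    total_length = 20 + 8
    ip_header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45,          # version 4, IHL 5 (20 bytes)
        0,             # TOS
        total_length,  # Total Length: header + ICMP payload
        0,             # identification
        0,             # flags / fragment offset
        64,            # TTL
        1,             # protocol: ICMP
        0,             # header checksum (unused here)
        src, dst,
    )
    icmp_echo = struct.pack("!BBHHH", 8, 0, 0, 1, 1)  # type 8 (echo), code 0
    return ip_header + icmp_echo


def pad_payload(datagram: bytes) -> bytes:
    """Sender side: pad with zero octets to the RFC 894 minimum (46)."""
    if len(datagram) >= ETH_MIN_PAYLOAD:
        return datagram
    return datagram + b"\x00" * (ETH_MIN_PAYLOAD - len(datagram))


def check_padding(frame_payload: bytes) -> dict:
    """Receiver side: inspect the bytes beyond the IPv4 Total Length field.

    Returns the padding length and whether every padding byte is zero.
    Anything non-zero means the sender did not pad per RFC 894 and may be
    leaking whatever sat in its transmit buffer.
    """
    if len(frame_payload) < 20 or frame_payload[0] >> 4 != 4:
        raise ValueError("not an IPv4 datagram")
    total_length = struct.unpack("!H", frame_payload[2:4])[0]
    padding = frame_payload[total_length:]
    return {"padding_len": len(padding), "all_zero": not any(padding)}


if __name__ == "__main__":
    clean = pad_payload(build_sample_datagram())
    print("spec-compliant frame:", check_padding(clean))
    # Constructed bad case: same datagram, but the pad carries non-zero bytes,
    # which is what a leaky stack would produce.
    leaky = build_sample_datagram() + bytes(range(1, 19))
    print("non-zero padding     :", check_padding(leaky))
```

Run over captured frames, the same check gives a simple detection rule: any host whose short frames repeatedly fail `all_zero` deserves a closer look at its NIC driver or stack.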
This has nothing to do with sniffing your network. This has to do with your machine allowing an attacker to read (admittedly small) segments of memory out of your system over the network. And no, a switch won't help anyway, since the whole idea is to ping the target, and look at its response.
So, in other words, you only use this if you want to claim to be l33ter than thou...anyone with an actual life uses Gentoo.
Okay, I can see that.
...and of course the whole problem here is that the PA folks made her look like a tart.
I've tried that on a couple machines, and it didn't help (including the machine I'm on presently...Moz crashes before it finishes loading).
thanks.
Hmmm...valentine's day...atomic bombs. Chris, do you need a date or something? This really sounds like a not-so-subtle hint.
Drugs. Very powerful drugs. Preferably hallucinogens.
I think we're talking past each other.
read the advisory.